using gnupg with mutt

Georgi Guninski guninski at
Sat Jul 2 04:47:19 PDT 2016

On Fri, Jul 01, 2016 at 08:11:20PM -0700, Rayzer wrote:
> Waiting for Juan to tell us how compromised gpg is and that you're a fed
> if you question his (snigger) authority.


Thu Nov 27 09:29:51 CET 2003
GnuPG's ElGamal signing keys compromised

Phong Nguyen identified a severe bug in the way GnuPG creates and uses
ElGamal keys for signing.  This is a significant security failure
which can lead to a compromise of almost all ElGamal keys used for
signing.  Note that this is a real world vulnerability which will
reveal your private key within a few seconds.

Do you mean to see more like this from gpg?

IIRC gpg used small number, to save picoseconds in computations
and the attack fucked them with lattice reduction in nanoseconds...

Not to mention the compatibility with pgp 0.0001, which makes
keyid collisions trivial (the ubuntu comrades suffered from this
few times).

More information about the cypherpunks mailing list